Was Snowflake hacked?

Yes. The Snowflake breach occurred on April 14, 2024, affecting Over 500 million records.

What data was exposed in the Snowflake breach?

In 2024, attackers exploited Snowflake customer accounts, affecting 165+ organizations including major corporations. Learn what happened.

What should I do if I was affected by the Snowflake data breach?

Check if your data was exposed using our free tool, change your passwords, enable two-factor authentication, and monitor your accounts for suspicious activity.

Snowflake Data Breach

Critical Severity Over 500 million records affected Published February 10, 2026

Company	Snowflake
Breach Date	April 14, 2024
Disclosure Date	May 30, 2024
Records Affected	Over 500 million

In mid-2024, a wave of data thefts hit over 165 organizations using Snowflake's cloud data platform. Attackers used stolen credentials to access customer Snowflake accounts that lacked multi-factor authentication, leading to massive data exposures at companies like Ticketmaster, AT&T, Santander, and others.

What Happened

A threat actor tracked as UNC5537 used credentials stolen via infostealer malware to access Snowflake customer accounts. The attackers targeted accounts that did not have multi-factor authentication enabled. Snowflake itself was not directly breached, but the lack of enforced MFA on customer accounts allowed widespread unauthorized access. The campaign affected at least 165 organizations. Mandiant and CrowdStrike investigated the incidents and attributed the attacks to financially motivated cybercriminals. Snowflake subsequently began requiring MFA for all accounts.

What Data Was Exposed

Varied by affected company but included:
Customer personal information
Financial records
Call and text metadata
Payment card details
Corporate data and analytics
Healthcare records

Who Is Affected

Customers of over 165 organizations that stored data in Snowflake were potentially affected. This includes customers of Ticketmaster, AT&T, Santander, Advance Auto Parts, LendingTree, and many others. The total number of affected individuals exceeds 500 million across all impacted companies.

How to Check If You Were Affected

Since the Snowflake incident affected many different companies, check for breach notifications from individual companies you do business with. Visit HaveIBeenPwned.com to check if your email appears in any of the related breaches. Review news reports about affected Snowflake customers to determine if companies you use were impacted.

What You Should Do Now

Check if any of your service providers were affected by the Snowflake-related breaches
Change passwords for any accounts with affected companies
Enable multi-factor authentication everywhere possible
Monitor your financial accounts for suspicious activity
Be cautious of phishing attempts referencing any of the affected companies
Consider a credit freeze if your financial data was exposed

Last updated: February 10, 2026